As we saw back in August, a popular photograph to PDF converter app called “CamScanner” was caught spreading malware to its users by Kaspersky. As the app had more than 100 million active users, the malware distribution campaign affected a large number of devices, and so Google removed it from the Play Store. As Kaspersky researchers pointed out, the module that was deployed looked similar to one that was previously found in Chinese smartphones. This means that it could be the result of a mistake in a new partnership between the app developer and a malicious advertiser.
As the developer, INTSIG, clarifies now, the malware distribution campaign that took place between June and July this year was indeed the result of falling victim to a rogue advertisement SDK. The particular SDK was provided by AdHub, with whom INTSIG cut ties immediately after they found out what was going on. The first version to get infected by the malware was CamScanner 5.11.7, and the last was 5.12.0. If you are still running one of these versions and anything in between, you should better remove the app immediately, and run an AV scan on your mobile device.
The malware that was used to infect the devices of CamScanner users was focused solely on click fraud activities, so people shouldn’t worry about personal data leaks or any form of information exfiltration. If you still have the app and malware, you are devoting processing resources and internet data to make money for the actors, and that’s it. Because this was so damaging to CamScanner’s reputation, INTSIG has submitted a lawsuit against the ad network that injected malware onto their app, so they hope to receive some form of compensation for what has happened.
Right now, you may download a clean version of CamScanner right from APK Mirror, and it looks like it has returned to the Play Store as well. The user reviews there are understandably negative, not because the app remains malware-ridden, but because people were disappointed by INTSIG’s carelessness. This is especially the case for those who were paying for a premium version of the app.
Will you be trusting CamScanner again, and do you believe the developer’s claims of having fallen victims to a scam ad network? Let us know of your opinion in the comments section down below, or on our socials, on Facebook and Twitter.